Cassandra: eXtensions Blocked by ZScaler - Just United Airlines, Just at Denver

By Graham K. Rogers

A year ago, a reader of eXtensions was passing through Denver, Colorado and connected to the United Airlines WiFi there, only to be told that eXtensions was blocked. He had plenty of other sites to link top and wrote me email later as a point of interest. There was a time about 5 years ago when a group of IP numbers were transferred for use in Thailand and a number of sites did block these for a period; but that was cleared up then. At least I thought so.

At that time, unsure why a site that covers Apple-related news and occasionally travel items in Thailand would be blocked, I wrote to United Airlines using their site Contact system, but had no reply.

I let it ride then, but this year, the same user, again passing through Denver, Colorado, connected to the United Airlines WiFi there, only to be told that eXtensions was blocked. He contacted me again. This time, however, he sent a screenshot which showed that the reason was a so-called protection system from ZScaler and that this was protecting the user from Internet threats. I am not flattered. [I have edited the screenshot for privacy reasons]

What was more interesting was that on the same journey, the reader logged in to United Airlines WiFI in the Narita Lounge as well as EVA Air lounges in Taipei and Los Angeles. I had recently used both of the EVA Air lounges and in Taipei had no problem: not just browsing my site, but also loading up an article on Apple's new San Francisco store that I had written on the plane using FTP. Just at Denver.

I connected to the ZScaler site and used the contact page, which gave me about 90 characters to outline my problem. Twitter has been an excellent teacher in writing concisely, but I was a little stretched with under 100 characters to play with. Within seconds an automatic response was received and I was told I would be contacted. Don't hold your breath.

Five days later there was an email from ZScaler, but this was no more than a self-congratulatory advertisement with a link offering me a download of a Gartner report. I replied immediately:

Thank you for your automatic response email that was sent on 5 June this year. Unfortunately, no one has been in touch since then, apart from an email advertising your success as a "Leader in the Gartner Magic Quadrant for Secure Web Gateways"

[sic] and offering me a chance to download a complimentary copy of the Gartner report.

At this stage I would rather discuss the problem that my site and one of my readers always has when using the United Airlines WiFi at Denver.

Nothing further happened and I wrote again on 28 June:

With reference to the text and information below, I have now written twice concerning this problem. The first time (5 June) I had an automatic response and the second time (10 June) when no follow up had been received, as per the text below.

I would be grateful for some assurance that someone - anyone - at ZScaler cares one whit about its operations and just not simply ignore communications from blocked websites as a matter of course.

I also added a comment that, if I heard nothing within 7 days, I would use my own site (hence this item). I did hear from the company a couple of days later: another Gartner-flavoured advertisement inviting me to a webcast that included among the speakers, Atri Chatterjee Chief Marketing Officer of Zscaler, whom I guess is the person I can now blame for the marketing spam and whose organisation has still not given me any reason as to why they block my website. Just at Denver.

That webcast seminar email was followed by another (7 July) that told me also in the list of speakers was Dr. Manoj Apte, SVP of Product Management, Zscaler. Instead of a thought provoking webcast discussion, I was having an annoyance-provoking and one-sided communication with a company that seems unwilling or unable to address the question of the way they apply their security parameters by replying to a query. "We will get back to you" has the same hollow ring as "The check is in the mail".

A check on Google suggests that not all is perfect with some commentators unhappy with the way ZScaler works. One blog included, "complex and troublesome deployments. Routing is commonly misconfigured, and a complex proxy deployment that many users have problems with is commonly recommended." Well, that sounds familiar.

It is no wonder a small site like mine cannot be seen by a user. But just United Airlines; Just at Denver.

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. He is now continuing that in the Bangkok Post supplement, Life. He can be followed on Twitter (@extensions_th)